Helpful Information
 
 
Category: BSD Help
Linux RedHat VS FreeBSD

hi

what's is better as a web server

Linux RedHat or FreeBSD ???

As anything, FreeBSD is way better. Knowing it's better doesn't mean you have to try it immediately when you are not capable to handle it at this time. So start out with Redhat should probably be a wise choice for you and make your life easier.
Many experienced Linux users don't even have the gut to try FreeBSD. Perhaps they don't have time to learn something new or make immediate migration.

Apache will run the same on either but...

>FreeBSD is way better.

I second that! But it is ALOT more demanding than redhat, what would work right away on rh wouldn't on FreeBSD because it has a stricter way of looking at things! I started with rh and still have a box running it but FreeBSD, after getting it running (with alot of help from 'freebsd') is so much nicer! It remembers commands after rebooting (handy when you're a newbie like me!), the way the directories are setup make more sense, the ports collection is excellent for downloading and installing programs, and i'm sure there are other features that i haven't found yet. But for a user-friendly 'nix' OS i have to admit that redhat is a great learning tool but after a awhile, if you're still into runnning a server, i'll bet you'll migrate to FreeBSD like i did. I'm still getting headaches setting up my FreeBSD box, between the networking, firewalling, dns setup and pulling my hair out fixing a fouled up qmail install but hey what's hair for anyway? Install redhat, make sure you have a good firewall (ipchains sucks compared to ipfilter though), configure apache (that will teach you alot about directories, files, permissions, etc.) and... and... and... have fun!!! i sure am even though i'm almost bald now!!!

Terry

NOTE: Whatever you do - DON'T SET UP A DUAL BOOT!!! Keep a windoze box for other things, like asking questions here! Keep your server 'nix' !!!

I used Linux for three days way back when, got fed up with it and got back to windows (3.11 at the time.) This was several years ago, so it wasn't really a "forgiving" OS at the time.

Anyway, scince windows piss me off aswell I tried RH again a while later... Still sucked... Worked better then my first try, this time it was graphical and was on CD, but still dissapointed.

It should be said that I tried linux becous I'd never heared of Free,Net or OpenBSD at the time. Anyway, I am a bit of a cryptofreak so eventually I heared of OpenBSD, smacked that in, and man was this soooo much better then Linux. Open and Free aren't exactly the same, but basicly. It was so nice to have control over where stuff landed on the drive.... I thought to myself I never use a stinking RPM ever again ;) And as tlthomas said... to find stuff in the catalogues where they are supposed to be is amazing comming from Linux!

Now I run OpenBSD, FreeBSD or NetBSD wherever I can... With a slight favouritism towards OpenBSD scince that was the system that converted me. ;)

My first Unix experience was on Solaris though... Was an administrator a few years back... BSD is better in my opinion... So you see, it doesn't only outclass windows and Linux, it outclass system V aswell ;)

One thing I wouldn't really agree on with mr tlthomas is that Apache would be easyer in RH. Just a few days ago I set up an Apache server on an OpenBSD 3.0, and well... what could be easyer? Apache comes with the install, you just modify the conf file and start up the deamon...done.


/Fjodor

>Apache comes with the install, you just modify the conf file and start up the deamon...done.

If i remember correctly redhat, during the install process, gives you an option of 'Install As Server" which automatically installs apache so all you have to do is modify the httpd.conf file and then start apache.

>this time it was graphical and was on CD, but still dissapointed.

As far as a graphical interface, i installed it the first time on redhat, tried it, hated it, next reinstall it was gone! If you want pretty stick with windows (although there are some really nice programs that run on linux, gimp, star office, etc.), if you want power - go command line!

BTW kaSer in case this is your first foray into the 'nix' world... there is no 'Garbage Can' or 'undo/restore' in either...

Terry

>> i have to admit that redhat is a great learning tool but after a awhile

When you're learning Redhat, you are really learning the Redhat distribution (your true UNIX experience would remain zero. BSD users without prior experience in Linux can pick it up easily but not the other way around), which sucks, when Redhat developers don't even know what /usr/local is for. To put it in simple term, Redhat installs files all over the places. Though, that makes uninstalling program easier when you can rm -rf /usr/local/apache rather than finding apache related files in /usr/local/*.

The advantage of a consistent directory layout outweigh the ease of uninstalling program:

1) You will never have to add lib path, man path manually
2) Your compiler will know where to locate proper file
3) finding files is alot easier because files won't end up in a non-standard location where whereis and locate unable to locate
4) other software that look for dependencies can easily locate it without having you to manually specify the search path

AFAIK, the only Linux dist that has a consistent directory layout hierarchy is Slackware. But why use Slackware when FreeBSD can do everything better?

>> ipchains sucks compared to ipfilter though

ipchains sucks because it's a stateless packet filter. Though Linux has iptables (stateful). That said, if you run Linux and care about security, there is no reason to choose ipchains over iptables. Of course, when it comes to comparing ipchains with ipfilter, it's no match.

>> wouldn't really agree on with mr tlthomas is that Apache would be easyer in RH

I wouldn't either. I assume he refers to installing Apache via RPM. When you install Apache via RPM, you obviously don't have a clue how to compile software (if ever). It makes adding modules or updating harder when you are trying to add a module that is only available in source code (no RPM). Don't forget, most software are available in src, you can't build a RPM unless the src is available.

In the end of this Redhat vs. FreeBSD, I can say it's all about learning attitude. BSD users are not always smarter than Linux people. It's how much time and effort you are willing to spend on learning, and learning it right with BSD. If you just try to get everything up and running in no time, go for Redhat.

Thank you guyz so much

Well, i think i'll start with RedHat then i will check FreedBSD


greetz

Aren't there a Linux built on the berkley system? For some reason that echoes in the back of my head....


//Fjodor

Originally posted by Fjodor
Aren't there a Linux built on the berkley system? For some reason that echoes in the back of my head....


//Fjodor
No, Linus Torvalds wrote it from stratch. Linux just has few similar features and functions.

I have both FreeBSD and Linux installations, have used
FreeBSD for a while, just installed Linux about 6 months ago.
It is great to learn both, from skills diversification
perspective.

Some issues that come to mind:

1. Linux kernel and the actual version seem to be different,
Presently, the kernel is like in the 2.** range while Redhat
Linux is 7.1+ right now. Kernel development seems to
run independent of the overall OS. Why ?

2. RPMs, what is the motivation ? transparency ? simplicity ?
It seems to match up with ports althought at times I see
no compilations, seems like only binaries are being installed ?

3. I am not sure if FreeBSD has a GUI install yet ? I think,
the downside of this (IMHO) is that it sometimes intimidates
newbies from using it.

4. Linux emulation is great, but I wish I had the ability to
run databases Oracle and Sybase without Linux emulation
(somehow convince Oracle and Sybase to offer
pure/native FreeBSD support). Even some games like
Quake are supported more on Linux based platforms.

It would be helpful to compile similarities of both platforms
since it would encourage folks from trying out the "other" one,
based on similarities, instead of thinking about the scary
differences first.

I agree from an earlier post, it is the attitude of how you
learn these OS'es and what you have been initially exposed to.

Interesting!!!!

1) When people talking Linux OS, they are really talking about the Linux distribution, not the Linux kernel in most cases. Like I said in my previous post, when you are learning Redhat Linux, you are really learning Redhat specific userland and how they put things together into a Linux core, the Linux kernel. So a Linux distributor doesn't necessary be on the bleeding edge and implement the latest Linux kernel on their latest version or playground.

2) Yes binaries with simplicity but absolutely no configurability. So you really have to trust the person who built that RPM binary, and rush him to be up-to-date on latest software. And if you can't wait, you'll have to compile a software yourself, and often without a clue what the PREFIX should be. As a result, you'll more likely installing software all over the places, and having tough time with dependencies and compatibility problems.
In BSDs, even if a software is not available from ports collection, you will likely have a clue where to install it to compile with BSD hierachy standard.

3) >> sometimes intimidates newbies from using it

Which is a good news. Keep the BSD community small, we don't need too many unqualified people to try it. You can say there are no saleman in BSD teams because they don't know how to advertise their OS. Perhaps some of them are salemen but they don't care about BSD's popularity.
Why are there so many Linux people asking questions (mostly RTFM'able or stupid) whereas BSD people seldom ask questions, perhaps Linux community is much larger than BSDs?
Like I said, when you are technical incapable to handle BSD, you obviously will not try an OS that makes your life tougher. But some people think they are smart *** and wanting to challenge BSDs ( so they can show off to others like: "hey dude I run BSD, therefore I'm smarter than ya) even when they are not qualify in the first place. IMHO, you don't need to be a smart *** to try BSD, but you do need to have a good learning attitude toward learning it. If you are looking for point-and-click-and-ready-to-run software, just use Linux or stick with Windows. So it's good to BSDs that there is an entry barrier which scares unqualified people away from it.

4) As far as Linux emulation, if you must install those software, just face it and install Linux emulator. For games, why bother? *NIX is never meant to be an OS for gamers. Hardware is no longer expensive, so why can't you build another Windows dedicated for games? If you can't afford it, just don't install Linux in the first place because you are not financial capable to experience another OS.

In the end, when you are that type of person:
- who likes to ask first
- Google, what is it? URL?
- don't like to RTFM yourself
- it's the end of world when you make a mistake
- can't live without GUI
- financial incapable
- no spare time
- pretends to be a smart ***
- just to show off

then you don't qualify to be part of BSD community. If you insist on staying (you always can and nobody can stop you), you will likely be the BSD user who kicks yourself out.

>> it defaults to installing it all over /usr/local/

Not all over it but a consistent location, you can find out more if you man 7 hier.
Here is an ls output of /usr/local directory:


bin etc include info lib libdata
libexec man sbin share src

>> in much the same way the RedHat does in /

Absolute no. Redhat tells Linux people to install local stuffs to /usr/local. But they failed to educate people (because they don't even know themselves) what should the PREFIX be. As a result, a common ls output of /usr/local on Redhat could look like so:


apache bin etc include info lib libdata
libexec man mysql php3 php4 sbin share src openssl
That said, Redhat mistakenly educates people to create their own playground in /usr/local. There is no file system hierachy standard whatsoever.
As a result, I have seen so many people saying something like: "PHP, MySQL and Apache installed fine but when I started Apache it showed some errors, what could be wrong?"

Again, Linux is a fine kernel. The distributors who package it suck when they don't have a file system hierachy standard for users to follow. Among so many other things, Linux is just a toy for Windows users who want to play around with for fun.

Jason why you deleted your post?

Sorry I misread part of your posting, I agree with what you posted and it appeared I was questioning it.

Deleted it just after posting it, but you'd already got there..

Jason.

You should take a look at OpenBSD (http://www.openbsd.org/). It's secure out of the box, has an excellent ports tree, and the layout of everything makes a lot of sense. An excellent operating system.

Too bad OpenBSD 3.0 is no longer as secure+stable as its former 2.X versions out-of-the-box because they removed IP Filter and djbware when the team leader, an individual person among the team named Theo didn't get along with Darren (ipf author) and djb (qmail author).
BTW, OpenBSD can never be an excellent OS when it's concentrated in one dimensional - security. Without stability and reliability, excuse me, how can you call it excellent?

freebsd,

Though OpenBSD 3.0 no longer has the same ipf, it now has pf (Packet Filter) (http://www.openbsd.org/faq/faq6.html#PF) which was written by the OpenBSD team. It's excellent, and remarkably free of bugs, especially for a first release. Some people have even noticed a 30%+ speed increase over ipf.

I would rather have the djb stuff (like you), but the versions of BIND and sendmail included in OpenBSD have been audited line by line, and I feel pretty safe running them.

And how can you bash the reliability and stability of OpenBSD? I've never seen it crash in normal use. A few issues with kernel compiles and whatnot, but nothing that wouldn't happen with another OS.

>> it now has pf (Packet Filter)

Yeah, but it's too new to claim stable.

>> the versions of BIND and sendmail included in OpenBSD have been audited line by line

Doesn't matter as those world-most insecure software are still insecure no matter how you audit the src. You still can see a huge exploit list on errata. And you can see how often those software update their versions and why they need an update? Mainly because of bugfix on exploits far more than new features.
Maybe there should be a djbBSD but too bad that won't happen because of djb's strict licensing. You can say just to make a djbware system default is not even possible.

>> how can you bash the reliability and stability of OpenBSD?

Because they are concentrated on security. Like IPF in 2.X, there was only one stable release on 2.9-current dated after May 2001 and before its removal date. You can find out more here (http://forums.devshed.com/showthread.php?threadid=26299&forumid=31) and here (http://forums.devshed.com/showthread.php?threadid=23343&forumid=31).

>> nothing that wouldn't happen with another OS

Same IPF was very stable on FreeBSD/NetBSD but not on OpenBSD because they audited ipf aggressively and made things broken all over the places.

No matter what you say, I'm still pretty damn happy with pf - reliability, speed, and ease of use.

And as I say, I'd rather have the djb software, but I don't worry to much about running the sendmail that's included (I don't run the BIND). Though BIND and sendmail may not be all that secure, OpenBSD does have 4 years without a remote hole in the default install - which includes sendmail.

And reliability - yes, the main focus at OpenBSD is security, but you'd have a hard time convincing me that it comes at the expense of stability.

Well, one of my friend used use OpenBSD 2.9 on the very heavy traffic on OpenBSD server. He always has the problem with the stabiity and reliability, so he decided to give FreeBSD a shot. He found out that FreeBSD is much more better than OpenBSD, which he doesn't has any of problem for long time by now. It's much faster than OpenBSD as well.

>> OpenBSD does have 4 years without a remote hole in the default install

In reality there is no such thing as default install. A default install doesn't make your OS useable. Say NetBSD and FreeBSD's /etc/defaults/*.conf files, those are the defaults that doesn't know what your hostname is. When you add your hostname to /etc/rc.conf, that's no longer a default install. Similarily, to enable ipfilter you would need to change ipfilter_enable="NO" in /etc/defaults/rc.conf to ipfilter_enable="YES" in /etc/rc.conf, that's no longer a default install.
BTW, if you haven't read the two threads I posted previously, here's the summary:

OpenBSD mistakenly and aggressively changed the behavior of IPF to make it more sensitive when there is a checksum mismatch in IP header. When this occurs, FreeBSD/NetBSD, being RFC compliance would discard those silently. RFC1122 (http://www.faqs.org/rfcs/rfc1122.html) section 3.2.2 specifies that very clearly. OpenBSD, on the other hand, trying to be aggressive, chose (a decision bug) to panic your kernel when such event occurs.
When should that checksum error occurs?
When using return-icmp-as-dest(xxx) or return-icmp.
Why should I use return-icmp-as-dest(xxx) and what's its benefit?
It's to send an error message to the remote end and tell him no service (udp) is running on this port immediately without delay. You can say it's somewhat equivalent to sending return-rst (RESET) in TCP. Doing so is very common on port 113 to avoid timeout.
Why should OpenBSD changed that?
Because they think they are smart *** and should panic your kernel forcing you to reboot. That's a sign of instability.
Was that the reason of IPF removal?
One of the reasons but not all. OpenBSD audited every line of code as you mentioned, including IPF that was being modified heavily. There were so many OpenBSD users on IPF's mailling list complaining about IPF problems in OpenBSD. Darren (IPF's author) confirmed it was OpenBSD's mistakes entirely.
What other common problems?
traceroute behind OpenBSD's IPF was broken in 2.8. ping was broken in 2.7. ftp-proxy was broken in 2.8. None of those was broken in NetBSD and FreeBSD.
You said you are damn happy with PF, perhaps you are addicted to OpenBSD?
For me, I don't care what OS I am going to run. If there are better alternatives (Free/Net) I'd choose either one of those without a doubt. I do care about stability, security and reliability. When an OS can't satisfy all three, I just won't run it, of course I am talking about running servers on that OS (my only desktop remains win98 and I don't hate M$). I just choose the right OS for the right task.










privacy (GDPR)